Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 20-01-2023
Exécuté par SYU (22-01-2023 12:54:36)
Exécuté depuis C:\Users\SYU\Desktop
Microsoft Windows 11 Famille Version 22H2 22623.891 (X64) (2022-12-06 10:51:42)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrateur (S-1-5-21-3260349332-2736728831-3187818672-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3260349332-2736728831-3187818672-503 - Limited - Disabled)
Invité (S-1-5-21-3260349332-2736728831-3187818672-501 - Limited - Disabled)
SYU (S-1-5-21-3260349332-2736728831-3187818672-1001 - Administrator - Enabled) => C:\Users\SYU
WDAGUtilityAccount (S-1-5-21-3260349332-2736728831-3187818672-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
FW: Pare-feu McAfee (Enabled) {C6A3F647-45D9-6AEE-30AE-DACD13562181}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
A1111 Web UI Autoinstaller (HKLM\...\{FD421784-BC02-4693-9383-F0D888DE3D5C}) (Version: 1.5.7 - Empire Media Science) Hidden
A1111 Web UI Autoinstaller (HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\A1111 Web UI Autoinstaller 1.5.7) (Version: 1.5.7 - Empire Media Science)
Adobe After Effects 2022 (HKLM-x32\...\AEFT_22_0) (Version: 22.0 - Adobe Inc.)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_0) (Version: 22.0 - Adobe Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1827 - Advanced Micro Devices, Inc.)
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 109.1.47.171 - Auteurs de Brave)
CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform)
Deluge 2.1.1 (HKLM-x32\...\Deluge) (Version: - )
Evernote 10.50.10 (HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.50.10 - Evernote Corporation)
ExpressVPN (HKLM-x32\...\{57e033a5-c75e-4823-83af-c1b6b3b759ab}) (Version: 10.0.9.2 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B876CD0833}) (Version: 10.0.9.2 - ExpressVPN) Hidden
Git (HKLM\...\Git_is1) (Version: 2.39.0.2 - The Git Development Community)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.75 - Google LLC)
HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HWiNFO64 Version 7.34 (HKLM\...\HWiNFO64_is1) (Version: 7.34 - Martin Malik - REALiX)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Jagannatha Hora 8.0 (HKLM-x32\...\Jagannatha Hora_is1) (Version: 8.0 - PVR Narasimha Rao)
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R50 - McAfee, LLC)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15928.20216 - Microsoft Corporation)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.15928.20216 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.61 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.61 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\OneDriveSetup.exe) (Version: 22.253.1204.0001 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.15928.20216 - Microsoft Corporation)
Microsoft OneNote - fr-fr (HKLM\...\OneNoteFreeRetail - fr-fr) (Version: 16.0.15928.20216 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.74.3 - Microsoft Corporation)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Pilote graphique 471.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 28.1.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15928.20198 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20302 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
RetroArch (HKLM-x32\...\RetroArch) (Version: 1.13.0.0 - Libretro)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebAdvisor par McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.800 - McAfee, LLC)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20068.0_x64__0a9344xs7nr4m [2023-01-06] (Advanced Micro Devices Inc.) [Startup Task]
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.38.277.0_x64__v10z8vjag6ke6 [2023-01-04] (HP Inc.)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-01-18] (Microsoft Corp.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.44.2.0_x64__6rarf9sa4v8jt [2022-12-22] (Disney)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
HP CoolSense -> C:\Program Files\WindowsApps\ad2f1837.hpcoolsense_1.1.3.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.1.0.0_x64__v10z8vjag6ke6 [2023-01-13] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.1.54.0_x64__v10z8vjag6ke6 [2022-12-08] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.23.20.0_x64__v10z8vjag6ke6 [2023-01-18] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.3.2.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10114.505.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Corporation)
Minecraft Education -> C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.18.4500.0_x64__8wekyb3d8bbwe [2023-01-18] (Microsoft Studios)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.87.53632.0_x64__8wekyb3d8bbwe [2023-01-11] (Microsoft Corporation) [Startup Task]
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\microsoft.av1videoextension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-12-06] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-12-06] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-12-06] (Microsoft Corporation)
ms-resource:DisplayName -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-12-11] (McAfee LLC.)
ms-resource:gameName -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2022-12-08] (Random Salad Games LLC)
ms-resource:OEMAppName -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.5.0_x64__xbfy0k16fey96 [2022-12-27] (Dropbox Inc.)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_11.52247.86.0_x64__v10z8vjag6ke6 [2023-01-22] (HP Inc.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-12-16] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-06] (NVIDIA Corp.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6 [2023-01-06] (HP Inc.) [Startup Task]
OMEN Light Studio -> C:\Program Files\WindowsApps\AD2F1837.OMENLightStudio_1.0.19.0_x64__v10z8vjag6ke6 [2022-12-08] (HP Inc.) [Startup Task]
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.5650.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Corporation) [Startup Task]
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.122.0_x64__pwbj9vvecjh7j [2023-01-18] (Amazon Development Centre (London) Ltd)
Python 3.10 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.2544.0_x64__qbz5n2kfra8p0 [2023-01-15] (Python Software Foundation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0 [2023-01-20] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2301.4.0_x64__cv1g1gvanyjgm [2023-01-22] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-12-06] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2022-12-10] (0)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-3260349332-2736728831-3187818672-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2210.4.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [Fichier non signé]
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2022-10-19] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Pas de fichier
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_85fb950577102ec1\nvshext.dll [2022-11-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2022-10-19] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge
==================== Modules chargés (Avec liste blanche) =============
2023-01-21 14:07 - 2023-01-21 14:07 - 102033920 _____ () [Fichier non signé] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2301.4.0_x64__cv1g1gvanyjgm\WhatsApp.dll
2023-01-21 14:07 - 2023-01-21 14:07 - 008572416 _____ () [Fichier non signé] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2301.4.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll
2021-08-20 06:44 - 2021-08-20 06:44 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-08-20 06:44 - 2021-08-20 06:44 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2022-10-19] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2022-10-19] (McAfee, LLC -> McAfee, LLC)
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd
HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SYU\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.
Network Binding:
=============
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\StartupApproved\Run: => "com.evernote.Evernote"
HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_3542F0B3C2763F5D8052F5BF8BE10B07"
HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\StartupApproved\Run: => "Steam"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{064916C4-503A-4D6B-A9C1-125E8D3ED6B8}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => Pas de fichier
FirewallRules: [{B520B30A-673B-4626-AC9C-E1C9FB447FE2}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{50E1168A-3938-40AB-91F5-D4A860B1DB2C}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{F71C2F02-EF48-4683-AB61-05BD8236DE7B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => Pas de fichier
FirewallRules: [{E246E97B-94AC-4BF6-B949-92EBF28D788B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => Pas de fichier
FirewallRules: [{00DE246E-3905-45A5-BFD6-593E8367496D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{1749BBFA-07F2-46CE-837A-44B4C790BF62}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{2DC37457-1F60-4B87-8EDB-D1404A4E2294}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{BBFDC002-372F-4BCA-9925-0A394806077E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{215CDDE0-5EA3-4F33-A494-205D45D8239F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{07E11814-25DE-4BCD-AF5D-18FB59BA5AD2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{CB737A54-CD3D-4F27-B5B1-E0C303C48E56}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{C9747055-0908-41D7-8D80-6008D711B68B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{0355E06D-3C8A-48ED-A294-70662F1C97C9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{6B7BA742-61B4-40FD-8679-DB319D51E465}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{C76A0E4D-7228-4FAA-AA24-9C13AE706316}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{324319B9-0C18-4375-8CA0-6807F7B87D13}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{0D3E3E8C-4207-411A-AE99-D573E4CC2CE5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{DE11C5F0-C6E3-42E6-8A1E-004B68609D83}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{2D0EB1D7-CFF1-4D2A-864C-4616A3D15D70}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => Pas de fichier
FirewallRules: [{F65B04D7-3434-4A31-B05A-73A0BF88BFB3}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => Pas de fichier
FirewallRules: [{46ABE89C-2F6F-41B5-8B57-281A54FE8912}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => Pas de fichier
FirewallRules: [{D520F97C-0ACC-4A8E-8991-3CBD689DC391}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => Pas de fichier
FirewallRules: [{0F3A5A9A-195F-4EE5-B07A-5B0F860A439D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C49D8F4F-3C12-40FA-84B7-0F268075EF11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0EDA1220-70B1-4C12-84DE-DAA83022F591}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{63FDB8EC-3CDA-4277-A71C-C853D1237BBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B6779893-46FD-47E4-818C-D13F92A203B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4BF85646-AE12-4C3D-9927-0F49D7B64687}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F3BF0D5-EFB2-402F-B07A-667E48AAF2A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.14.52.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe => Pas de fichier
FirewallRules: [{E8F89258-019E-4DF6-80C3-1D18E4956208}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.14.52.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe => Pas de fichier
FirewallRules: [{161D938A-911F-40D3-82C9-39368D6D2323}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.14.52.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe => Pas de fichier
FirewallRules: [{90DDCAB8-91EF-47EA-98D8-12AE506031FB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.14.52.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe => Pas de fichier
FirewallRules: [{C2861F3D-1ABF-4097-A079-4AA77B80F53E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{196DAAB7-7517-4156-90B4-B101B72C0516}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AD0EAE8C-A004-46E2-A6FA-96F6C7071929}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{83CE84FD-FAE0-4961-815E-A98DC17932C8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4962EC5A-1D6C-47A8-A2FA-4CDCCFF0B706}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MONSTER HUNTER RISE SUNBREAK DEMO\MHRiseSunbreakDemo.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{B8025F36-3647-493F-B465-6C5CB2EC621B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MONSTER HUNTER RISE SUNBREAK DEMO\MHRiseSunbreakDemo.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{B0F1A0F9-E042-4474-BC1D-DFA1FC1B727C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{371187AB-462E-40AA-B0D7-624D7C41D32E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TEKKEN 7\TEKKEN 7.exe () [Fichier non signé]
FirewallRules: [{C39F2992-1B3A-411A-A764-AA368253067E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TEKKEN 7\TEKKEN 7.exe () [Fichier non signé]
FirewallRules: [{CCEB2C03-F93C-432C-A1E3-177E559BADC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{DED2359D-92A9-4FD3-B164-83AAE581B40A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{97197F7A-278E-4111-B51F-BB7CE9AF5478}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe (Tribute Games) [Fichier non signé]
FirewallRules: [{FD29D464-72AB-4578-94A6-8BDF58729EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe (Tribute Games) [Fichier non signé]
FirewallRules: [{42B55784-4B28-431F-805C-A0BFFEDBF648}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe () [Fichier non signé]
FirewallRules: [{749F81A3-44F3-40BA-944A-61E67E4CC644}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe () [Fichier non signé]
FirewallRules: [{324F43E1-F607-4F8E-91A5-080511A4B053}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Runaway\SpaceRunaway.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{DB91832B-3D84-4828-9DAF-81A02D23808F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Runaway\SpaceRunaway.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{235E7FE3-2417-4A8E-AEA3-3DB94441D433}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{7B7C8BD5-A3B1-46E6-8FAA-8E6E9AFCCD34}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{F9573ED3-8656-4927-B953-A701CF47E31D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{93F5127C-C840-4890-B375-F365729E7DC8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{D85A5558-9EEB-48E8-A0E0-7A209DCF5A63}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{A905AFC5-C28B-4149-AC8B-4AA70855F98C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5DE86443-9AF3-415F-A1B3-13136156000C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{54108912-BD4B-4D45-99CD-4471591C60D7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{2ED392AC-28A1-49C6-853E-1067A8224F2C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8C91C1C9-59FC-4AFC-83EA-4E1DE03077CC}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{C5C05D9F-C559-4E03-973A-8B5BB3E0577F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{82FB25DF-7D27-49B5-98FF-CAFA046F5955}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8EA3127A-7294-419D-8958-6C674D189EF8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{269C484B-8550-4DCD-8F82-8A97C4CE11E5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{D84E360F-953C-48C1-8027-FDB92AF9DE17}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{705AE79C-65C3-49AF-BBF5-38CE7A9519E2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{91E257AF-4745-4BF3-B322-C9D3371B171D}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{CE7C16CB-859B-4253-97CE-64478A10F1FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.18.4500.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{F5DC8D74-11F9-41C9-B44E-922965661BCE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.18.4500.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{E60F5036-3ED6-433A-8BBB-4D1099DFB556}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22336.910.1806.2450_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A051AEAC-64DD-4FB6-A604-3D70F5617112}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22336.910.1806.2450_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46694330-8ED9-4F26-9029-9F1D352473AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vengeful Guardian Moonrider Demo\Vengeful Guardian Moonrider STEAM DEMO.exe (Asteristic Game Studio and Joymasher) [Fichier non signé]
FirewallRules: [{3C6D22EB-1455-4199-A2C7-6116E7C6D2C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vengeful Guardian Moonrider Demo\Vengeful Guardian Moonrider STEAM DEMO.exe (Asteristic Game Studio and Joymasher) [Fichier non signé]
FirewallRules: [{CA5ADF3C-62BC-4D21-A5F9-5E17C7EF0EA7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9A235D4F-D485-4CEC-A4ED-B4A8F14D9643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{820AA220-745C-44A5-8CA3-227F0F3C7D0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{40F1DA15-BEC4-4337-B8F1-99B8A6472AE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC7A8A72-419F-426F-AD96-C65D4D81A6E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F5F037A-F74B-4633-B059-659C5B8EF195}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FCFABC08-78F2-458C-90C1-0D9DA6812DE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8084D6DB-3D1E-415C-89F5-AE08D5C681E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{41F3D395-0F23-4536-8433-877E8A85AF61}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CDC98673-5B76-49B4-933A-E7CBD1CFFE5C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Points de restauration =========================
10-01-2023 12:54:15 Point de contrôle planifié
17-01-2023 10:26:48 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931
22-01-2023 06:45:59 AdwCleaner_BeforeCleaning_22/01/2023_06:45:58
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (01/21/2023 01:12:12 PM) (Source: Application Error) (EventID: 1000) (User: AUTORITE NT)
Description: Nom de l’application défaillante McSync.exe, version : 19.20.141.0, horodatage : 0x635026ad
Nom du module défaillant : ntdll.dll, version : 10.0.22621.885, horodatage : 0xe3dee9a7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003419a
ID du processus défaillant : 0x0x11b4
Heure de début de l’application défaillante : 0x0x1d92d91968b34f0
Chemin d’accès de l’application défaillante : C:\Program Files\McAfee\MSC\McSync.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : 37dea8b4-f211-4b44-ba47-3d7499e9c92e
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (01/20/2023 09:39:24 AM) (Source: Application Error) (EventID: 1000) (User: AUTORITE NT)
Description: Nom de l’application défaillante McSync.exe, version : 19.20.141.0, horodatage : 0x635026ad
Nom du module défaillant : ntdll.dll, version : 10.0.22621.885, horodatage : 0xe3dee9a7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003419a
ID du processus défaillant : 0x0x6148
Heure de début de l’application défaillante : 0x0x1d92caab194a259
Chemin d’accès de l’application défaillante : C:\Program Files\McAfee\MSC\McSync.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : 40cd29b9-840e-412f-9cc7-27f006d673a8
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (01/19/2023 10:56:41 AM) (Source: Application Error) (EventID: 1000) (User: AUTORITE NT)
Description: Nom de l’application défaillante McSync.exe, version : 19.20.141.0, horodatage : 0x635026ad
Nom du module défaillant : ntdll.dll, version : 10.0.22621.885, horodatage : 0xe3dee9a7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003419a
ID du processus défaillant : 0x0x1694
Heure de début de l’application défaillante : 0x0x1d92bec52d08201
Chemin d’accès de l’application défaillante : C:\Program Files\McAfee\MSC\McSync.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : 320c2e7a-3d00-4a74-b413-6b957ef8265e
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (01/19/2023 09:29:59 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\JB$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 19 Jan 2023 08:30:01 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d46542e9-8948-424a-a40e-b403d232af54
Méthode : GET(188ms)
Étape : GetCACaps
Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/19/2023 09:29:58 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour Système local via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 19 Jan 2023 08:29:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3792d26c-9405-44a1-b958-efc8fb54cfe3
Méthode : GET(1406ms)
Étape : GetCACaps
Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/18/2023 10:56:33 AM) (Source: Application Error) (EventID: 1000) (User: AUTORITE NT)
Description: Nom de l’application défaillante McSync.exe, version : 19.20.141.0, horodatage : 0x635026ad
Nom du module défaillant : ntdll.dll, version : 10.0.22621.885, horodatage : 0xe3dee9a7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003419a
ID du processus défaillant : 0x0x820
Heure de début de l’application défaillante : 0x0x1d92b23240f4a46
Chemin d’accès de l’application défaillante : C:\Program Files\McAfee\MSC\McSync.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : d043ad3e-d216-4d52-89a7-987643e06eb9
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (01/17/2023 12:23:09 PM) (Source: Application Error) (EventID: 1000) (User: AUTORITE NT)
Description: Nom de l’application défaillante McSync.exe, version : 19.20.141.0, horodatage : 0x635026ad
Nom du module défaillant : ntdll.dll, version : 10.0.22621.885, horodatage : 0xe3dee9a7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003419a
ID du processus défaillant : 0x0x4eb8
Heure de début de l’application défaillante : 0x0x1d92a66128f906e
Chemin d’accès de l’application défaillante : C:\Program Files\McAfee\MSC\McSync.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : 83528aaf-caa9-460e-aa0a-14f0124843a5
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (01/17/2023 10:03:13 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\JB$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 09:03:15 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 544c2494-5cd5-412d-899d-6edde17a33da
Méthode : GET(188ms)
Étape : GetCACaps
Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Erreurs système:
=============
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service McAfee WebAdvisor s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 1 millisecondes : Redémarrer le service.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Microsoft Office Click-to-Run Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service HP Analytics service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Realtek Bluetooth Device Manager Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Realtek Audio Universal Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service HP App Helper HSA Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service HP Comm Recovery s’est terminé de façon inattendue pour la 1ème fois.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Sound Research SECOMN Service s’est terminé de façon inattendue pour la 1ème fois.
CodeIntegrity:
===============
Date: 2023-01-22 12:41:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Infos Mémoire ===========================
BIOS: AMI F.22 08/10/2022
Carte mère: HP 88DF
Processeur: AMD Ryzen 5 5600H with Radeon Graphics
Pourcentage de mémoire utilisée: 69%
Mémoire physique - RAM - totale: 7523.32 MB
Mémoire physique - RAM - disponible: 2331.48 MB
Mémoire virtuelle totale: 23395.32 MB
Mémoire virtuelle disponible: 13857.53 MB
==================== Lecteurs ================================
Drive c: (Windows) (Fixed) (Total:476.08 GB) (Free:94.67 GB) (Model: INTEL SSDPEKNU512GZH) NTFS
\\?\Volume{e9b349c9-8df2-4637-b433-5395ac22903a}\ (Windows RE tools) (Fixed) (Total:0.58 GB) (Free:0.05 GB) NTFS
\\?\Volume{e24d5257-9377-49b6-a503-8ff3633e7006}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 179A525C)
Partition: GPT.
==================== Fin de Addition.txt =======================
Exécuté par SYU (22-01-2023 12:54:36)
Exécuté depuis C:\Users\SYU\Desktop
Microsoft Windows 11 Famille Version 22H2 22623.891 (X64) (2022-12-06 10:51:42)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrateur (S-1-5-21-3260349332-2736728831-3187818672-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3260349332-2736728831-3187818672-503 - Limited - Disabled)
Invité (S-1-5-21-3260349332-2736728831-3187818672-501 - Limited - Disabled)
SYU (S-1-5-21-3260349332-2736728831-3187818672-1001 - Administrator - Enabled) => C:\Users\SYU
WDAGUtilityAccount (S-1-5-21-3260349332-2736728831-3187818672-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
FW: Pare-feu McAfee (Enabled) {C6A3F647-45D9-6AEE-30AE-DACD13562181}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
A1111 Web UI Autoinstaller (HKLM\...\{FD421784-BC02-4693-9383-F0D888DE3D5C}) (Version: 1.5.7 - Empire Media Science) Hidden
A1111 Web UI Autoinstaller (HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\A1111 Web UI Autoinstaller 1.5.7) (Version: 1.5.7 - Empire Media Science)
Adobe After Effects 2022 (HKLM-x32\...\AEFT_22_0) (Version: 22.0 - Adobe Inc.)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Premiere Pro 2022 (HKLM-x32\...\PPRO_22_0) (Version: 22.0 - Adobe Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1827 - Advanced Micro Devices, Inc.)
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 109.1.47.171 - Auteurs de Brave)
CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform)
Deluge 2.1.1 (HKLM-x32\...\Deluge) (Version: - )
Evernote 10.50.10 (HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.50.10 - Evernote Corporation)
ExpressVPN (HKLM-x32\...\{57e033a5-c75e-4823-83af-c1b6b3b759ab}) (Version: 10.0.9.2 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B876CD0833}) (Version: 10.0.9.2 - ExpressVPN) Hidden
Git (HKLM\...\Git_is1) (Version: 2.39.0.2 - The Git Development Community)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.75 - Google LLC)
HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HWiNFO64 Version 7.34 (HKLM\...\HWiNFO64_is1) (Version: 7.34 - Martin Malik - REALiX)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Jagannatha Hora 8.0 (HKLM-x32\...\Jagannatha Hora_is1) (Version: 8.0 - PVR Narasimha Rao)
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R50 - McAfee, LLC)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15928.20216 - Microsoft Corporation)
Microsoft 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.15928.20216 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.61 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.61 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\OneDriveSetup.exe) (Version: 22.253.1204.0001 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.15928.20216 - Microsoft Corporation)
Microsoft OneNote - fr-fr (HKLM\...\OneNoteFreeRetail - fr-fr) (Version: 16.0.15928.20216 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.74.3 - Microsoft Corporation)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Pilote graphique 471.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 28.1.2 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15928.20198 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20302 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
RetroArch (HKLM-x32\...\RetroArch) (Version: 1.13.0.0 - Libretro)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebAdvisor par McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.800 - McAfee, LLC)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20068.0_x64__0a9344xs7nr4m [2023-01-06] (Advanced Micro Devices Inc.) [Startup Task]
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.38.277.0_x64__v10z8vjag6ke6 [2023-01-04] (HP Inc.)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-01-18] (Microsoft Corp.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.44.2.0_x64__6rarf9sa4v8jt [2022-12-22] (Disney)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
HP CoolSense -> C:\Program Files\WindowsApps\ad2f1837.hpcoolsense_1.1.3.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.1.0.0_x64__v10z8vjag6ke6 [2023-01-13] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.1.54.0_x64__v10z8vjag6ke6 [2022-12-08] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.23.20.0_x64__v10z8vjag6ke6 [2023-01-18] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.3.2.0_x64__v10z8vjag6ke6 [2022-12-06] (HP Inc.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10114.505.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Corporation)
Minecraft Education -> C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.18.4500.0_x64__8wekyb3d8bbwe [2023-01-18] (Microsoft Studios)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.87.53632.0_x64__8wekyb3d8bbwe [2023-01-11] (Microsoft Corporation) [Startup Task]
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\microsoft.av1videoextension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-12-06] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-12-06] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-12-06] (Microsoft Corporation)
ms-resource:DisplayName -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-12-11] (McAfee LLC.)
ms-resource:gameName -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2022-12-08] (Random Salad Games LLC)
ms-resource:OEMAppName -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.5.0_x64__xbfy0k16fey96 [2022-12-27] (Dropbox Inc.)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_11.52247.86.0_x64__v10z8vjag6ke6 [2023-01-22] (HP Inc.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-12-16] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.963.0_x64__56jybvy8sckqj [2022-12-06] (NVIDIA Corp.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6 [2023-01-06] (HP Inc.) [Startup Task]
OMEN Light Studio -> C:\Program Files\WindowsApps\AD2F1837.OMENLightStudio_1.0.19.0_x64__v10z8vjag6ke6 [2022-12-08] (HP Inc.) [Startup Task]
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.5650.0_x64__8wekyb3d8bbwe [2023-01-20] (Microsoft Corporation) [Startup Task]
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.122.0_x64__pwbj9vvecjh7j [2023-01-18] (Amazon Development Centre (London) Ltd)
Python 3.10 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.10_3.10.2544.0_x64__qbz5n2kfra8p0 [2023-01-15] (Python Software Foundation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0 [2023-01-20] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2301.4.0_x64__cv1g1gvanyjgm [2023-01-22] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-12-06] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2022-12-10] (0)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-3260349332-2736728831-3187818672-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2210.4.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [Fichier non signé]
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2022-10-19] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Pas de fichier
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_85fb950577102ec1\nvshext.dll [2022-11-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2022-10-19] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Avec liste blanche) ====================
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge
==================== Modules chargés (Avec liste blanche) =============
2023-01-21 14:07 - 2023-01-21 14:07 - 102033920 _____ () [Fichier non signé] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2301.4.0_x64__cv1g1gvanyjgm\WhatsApp.dll
2023-01-21 14:07 - 2023-01-21 14:07 - 008572416 _____ () [Fichier non signé] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2301.4.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll
2021-08-20 06:44 - 2021-08-20 06:44 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-08-20 06:44 - 2021-08-20 06:44 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
==================== Alternate Data Streams (Avec liste blanche) ========
==================== Mode sans échec (Avec liste blanche) ==================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-01-14] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2022-10-19] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2022-10-19] (McAfee, LLC -> McAfee, LLC)
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd
HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SYU\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.
Network Binding:
=============
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\StartupApproved\Run: => "com.evernote.Evernote"
HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_3542F0B3C2763F5D8052F5BF8BE10B07"
HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3260349332-2736728831-3187818672-1001\...\StartupApproved\Run: => "Steam"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [{064916C4-503A-4D6B-A9C1-125E8D3ED6B8}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => Pas de fichier
FirewallRules: [{B520B30A-673B-4626-AC9C-E1C9FB447FE2}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{50E1168A-3938-40AB-91F5-D4A860B1DB2C}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{F71C2F02-EF48-4683-AB61-05BD8236DE7B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => Pas de fichier
FirewallRules: [{E246E97B-94AC-4BF6-B949-92EBF28D788B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => Pas de fichier
FirewallRules: [{00DE246E-3905-45A5-BFD6-593E8367496D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{1749BBFA-07F2-46CE-837A-44B4C790BF62}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{2DC37457-1F60-4B87-8EDB-D1404A4E2294}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{BBFDC002-372F-4BCA-9925-0A394806077E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{215CDDE0-5EA3-4F33-A494-205D45D8239F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{07E11814-25DE-4BCD-AF5D-18FB59BA5AD2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{CB737A54-CD3D-4F27-B5B1-E0C303C48E56}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{C9747055-0908-41D7-8D80-6008D711B68B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{0355E06D-3C8A-48ED-A294-70662F1C97C9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{6B7BA742-61B4-40FD-8679-DB319D51E465}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{C76A0E4D-7228-4FAA-AA24-9C13AE706316}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{324319B9-0C18-4375-8CA0-6807F7B87D13}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{0D3E3E8C-4207-411A-AE99-D573E4CC2CE5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{DE11C5F0-C6E3-42E6-8A1E-004B68609D83}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{2D0EB1D7-CFF1-4D2A-864C-4616A3D15D70}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => Pas de fichier
FirewallRules: [{F65B04D7-3434-4A31-B05A-73A0BF88BFB3}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => Pas de fichier
FirewallRules: [{46ABE89C-2F6F-41B5-8B57-281A54FE8912}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => Pas de fichier
FirewallRules: [{D520F97C-0ACC-4A8E-8991-3CBD689DC391}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_110.8.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => Pas de fichier
FirewallRules: [{0F3A5A9A-195F-4EE5-B07A-5B0F860A439D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C49D8F4F-3C12-40FA-84B7-0F268075EF11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0EDA1220-70B1-4C12-84DE-DAA83022F591}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{63FDB8EC-3CDA-4277-A71C-C853D1237BBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B6779893-46FD-47E4-818C-D13F92A203B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4BF85646-AE12-4C3D-9927-0F49D7B64687}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F3BF0D5-EFB2-402F-B07A-667E48AAF2A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.14.52.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe => Pas de fichier
FirewallRules: [{E8F89258-019E-4DF6-80C3-1D18E4956208}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.14.52.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe => Pas de fichier
FirewallRules: [{161D938A-911F-40D3-82C9-39368D6D2323}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.14.52.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe => Pas de fichier
FirewallRules: [{90DDCAB8-91EF-47EA-98D8-12AE506031FB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.14.52.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe => Pas de fichier
FirewallRules: [{C2861F3D-1ABF-4097-A079-4AA77B80F53E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{196DAAB7-7517-4156-90B4-B101B72C0516}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AD0EAE8C-A004-46E2-A6FA-96F6C7071929}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{83CE84FD-FAE0-4961-815E-A98DC17932C8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4962EC5A-1D6C-47A8-A2FA-4CDCCFF0B706}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MONSTER HUNTER RISE SUNBREAK DEMO\MHRiseSunbreakDemo.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{B8025F36-3647-493F-B465-6C5CB2EC621B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MONSTER HUNTER RISE SUNBREAK DEMO\MHRiseSunbreakDemo.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{B0F1A0F9-E042-4474-BC1D-DFA1FC1B727C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{371187AB-462E-40AA-B0D7-624D7C41D32E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TEKKEN 7\TEKKEN 7.exe () [Fichier non signé]
FirewallRules: [{C39F2992-1B3A-411A-A764-AA368253067E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TEKKEN 7\TEKKEN 7.exe () [Fichier non signé]
FirewallRules: [{CCEB2C03-F93C-432C-A1E3-177E559BADC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{DED2359D-92A9-4FD3-B164-83AAE581B40A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Halo Infinite\HaloInfinite.exe (343 Industries (Microsoft Corporation) -> Microsoft Corporation)
FirewallRules: [{97197F7A-278E-4111-B51F-BB7CE9AF5478}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe (Tribute Games) [Fichier non signé]
FirewallRules: [{FD29D464-72AB-4578-94A6-8BDF58729EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TMNT\TMNT.exe (Tribute Games) [Fichier non signé]
FirewallRules: [{42B55784-4B28-431F-805C-A0BFFEDBF648}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe () [Fichier non signé]
FirewallRules: [{749F81A3-44F3-40BA-944A-61E67E4CC644}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe () [Fichier non signé]
FirewallRules: [{324F43E1-F607-4F8E-91A5-080511A4B053}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Runaway\SpaceRunaway.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{DB91832B-3D84-4828-9DAF-81A02D23808F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space Runaway\SpaceRunaway.exe (Epic Games, Inc.) [Fichier non signé]
FirewallRules: [{235E7FE3-2417-4A8E-AEA3-3DB94441D433}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{7B7C8BD5-A3B1-46E6-8FAA-8E6E9AFCCD34}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{F9573ED3-8656-4927-B953-A701CF47E31D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{93F5127C-C840-4890-B375-F365729E7DC8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{D85A5558-9EEB-48E8-A0E0-7A209DCF5A63}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{A905AFC5-C28B-4149-AC8B-4AA70855F98C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5DE86443-9AF3-415F-A1B3-13136156000C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{54108912-BD4B-4D45-99CD-4471591C60D7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{2ED392AC-28A1-49C6-853E-1067A8224F2C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8C91C1C9-59FC-4AFC-83EA-4E1DE03077CC}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{C5C05D9F-C559-4E03-973A-8B5BB3E0577F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{82FB25DF-7D27-49B5-98FF-CAFA046F5955}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8EA3127A-7294-419D-8958-6C674D189EF8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{269C484B-8550-4DCD-8F82-8A97C4CE11E5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{D84E360F-953C-48C1-8027-FDB92AF9DE17}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{705AE79C-65C3-49AF-BBF5-38CE7A9519E2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2212.6.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{91E257AF-4745-4BF3-B322-C9D3371B171D}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{CE7C16CB-859B-4253-97CE-64478A10F1FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.18.4500.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{F5DC8D74-11F9-41C9-B44E-922965661BCE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.18.4500.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{E60F5036-3ED6-433A-8BBB-4D1099DFB556}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22336.910.1806.2450_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A051AEAC-64DD-4FB6-A604-3D70F5617112}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22336.910.1806.2450_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46694330-8ED9-4F26-9029-9F1D352473AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vengeful Guardian Moonrider Demo\Vengeful Guardian Moonrider STEAM DEMO.exe (Asteristic Game Studio and Joymasher) [Fichier non signé]
FirewallRules: [{3C6D22EB-1455-4199-A2C7-6116E7C6D2C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vengeful Guardian Moonrider Demo\Vengeful Guardian Moonrider STEAM DEMO.exe (Asteristic Game Studio and Joymasher) [Fichier non signé]
FirewallRules: [{CA5ADF3C-62BC-4D21-A5F9-5E17C7EF0EA7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9A235D4F-D485-4CEC-A4ED-B4A8F14D9643}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{820AA220-745C-44A5-8CA3-227F0F3C7D0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{40F1DA15-BEC4-4337-B8F1-99B8A6472AE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC7A8A72-419F-426F-AD96-C65D4D81A6E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F5F037A-F74B-4633-B059-659C5B8EF195}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FCFABC08-78F2-458C-90C1-0D9DA6812DE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8084D6DB-3D1E-415C-89F5-AE08D5C681E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{41F3D395-0F23-4536-8433-877E8A85AF61}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.203.1115.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CDC98673-5B76-49B4-933A-E7CBD1CFFE5C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Points de restauration =========================
10-01-2023 12:54:15 Point de contrôle planifié
17-01-2023 10:26:48 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931
22-01-2023 06:45:59 AdwCleaner_BeforeCleaning_22/01/2023_06:45:58
==================== Éléments en erreur du Gestionnaire de périphériques ============
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (01/21/2023 01:12:12 PM) (Source: Application Error) (EventID: 1000) (User: AUTORITE NT)
Description: Nom de l’application défaillante McSync.exe, version : 19.20.141.0, horodatage : 0x635026ad
Nom du module défaillant : ntdll.dll, version : 10.0.22621.885, horodatage : 0xe3dee9a7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003419a
ID du processus défaillant : 0x0x11b4
Heure de début de l’application défaillante : 0x0x1d92d91968b34f0
Chemin d’accès de l’application défaillante : C:\Program Files\McAfee\MSC\McSync.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : 37dea8b4-f211-4b44-ba47-3d7499e9c92e
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (01/20/2023 09:39:24 AM) (Source: Application Error) (EventID: 1000) (User: AUTORITE NT)
Description: Nom de l’application défaillante McSync.exe, version : 19.20.141.0, horodatage : 0x635026ad
Nom du module défaillant : ntdll.dll, version : 10.0.22621.885, horodatage : 0xe3dee9a7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003419a
ID du processus défaillant : 0x0x6148
Heure de début de l’application défaillante : 0x0x1d92caab194a259
Chemin d’accès de l’application défaillante : C:\Program Files\McAfee\MSC\McSync.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : 40cd29b9-840e-412f-9cc7-27f006d673a8
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (01/19/2023 10:56:41 AM) (Source: Application Error) (EventID: 1000) (User: AUTORITE NT)
Description: Nom de l’application défaillante McSync.exe, version : 19.20.141.0, horodatage : 0x635026ad
Nom du module défaillant : ntdll.dll, version : 10.0.22621.885, horodatage : 0xe3dee9a7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003419a
ID du processus défaillant : 0x0x1694
Heure de début de l’application défaillante : 0x0x1d92bec52d08201
Chemin d’accès de l’application défaillante : C:\Program Files\McAfee\MSC\McSync.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : 320c2e7a-3d00-4a74-b413-6b957ef8265e
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (01/19/2023 09:29:59 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\JB$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 19 Jan 2023 08:30:01 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d46542e9-8948-424a-a40e-b403d232af54
Méthode : GET(188ms)
Étape : GetCACaps
Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/19/2023 09:29:58 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour Système local via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 19 Jan 2023 08:29:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3792d26c-9405-44a1-b958-efc8fb54cfe3
Méthode : GET(1406ms)
Étape : GetCACaps
Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/18/2023 10:56:33 AM) (Source: Application Error) (EventID: 1000) (User: AUTORITE NT)
Description: Nom de l’application défaillante McSync.exe, version : 19.20.141.0, horodatage : 0x635026ad
Nom du module défaillant : ntdll.dll, version : 10.0.22621.885, horodatage : 0xe3dee9a7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003419a
ID du processus défaillant : 0x0x820
Heure de début de l’application défaillante : 0x0x1d92b23240f4a46
Chemin d’accès de l’application défaillante : C:\Program Files\McAfee\MSC\McSync.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : d043ad3e-d216-4d52-89a7-987643e06eb9
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (01/17/2023 12:23:09 PM) (Source: Application Error) (EventID: 1000) (User: AUTORITE NT)
Description: Nom de l’application défaillante McSync.exe, version : 19.20.141.0, horodatage : 0x635026ad
Nom du module défaillant : ntdll.dll, version : 10.0.22621.885, horodatage : 0xe3dee9a7
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000003419a
ID du processus défaillant : 0x0x4eb8
Heure de début de l’application défaillante : 0x0x1d92a66128f906e
Chemin d’accès de l’application défaillante : C:\Program Files\McAfee\MSC\McSync.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : 83528aaf-caa9-460e-aa0a-14f0124843a5
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (01/17/2023 10:03:13 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORITE NT)
Description: Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\JB$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep :
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 09:03:15 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 544c2494-5cd5-412d-899d-6edde17a33da
Méthode : GET(188ms)
Étape : GetCACaps
Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Erreurs système:
=============
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service McAfee WebAdvisor s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 1 millisecondes : Redémarrer le service.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Microsoft Office Click-to-Run Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service HP Analytics service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 30000 millisecondes : Redémarrer le service.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Realtek Bluetooth Device Manager Service s’est terminé de façon inattendue pour la 1ème fois.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service Realtek Audio Universal Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 0 millisecondes : Redémarrer le service.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Le service HP App Helper HSA Service s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 5000 millisecondes : Redémarrer le service.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service HP Comm Recovery s’est terminé de façon inattendue pour la 1ème fois.
Error: (01/22/2023 06:46:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Sound Research SECOMN Service s’est terminé de façon inattendue pour la 1ème fois.
CodeIntegrity:
===============
Date: 2023-01-22 12:41:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Infos Mémoire ===========================
BIOS: AMI F.22 08/10/2022
Carte mère: HP 88DF
Processeur: AMD Ryzen 5 5600H with Radeon Graphics
Pourcentage de mémoire utilisée: 69%
Mémoire physique - RAM - totale: 7523.32 MB
Mémoire physique - RAM - disponible: 2331.48 MB
Mémoire virtuelle totale: 23395.32 MB
Mémoire virtuelle disponible: 13857.53 MB
==================== Lecteurs ================================
Drive c: (Windows) (Fixed) (Total:476.08 GB) (Free:94.67 GB) (Model: INTEL SSDPEKNU512GZH) NTFS
\\?\Volume{e9b349c9-8df2-4637-b433-5395ac22903a}\ (Windows RE tools) (Fixed) (Total:0.58 GB) (Free:0.05 GB) NTFS
\\?\Volume{e24d5257-9377-49b6-a503-8ff3633e7006}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 179A525C)
Partition: GPT.
==================== Fin de Addition.txt =======================